Malicious Apps Promise to Fix QuadRooter Flaw, but Infect Instead
Recently, cyber security experts discovered the QuadRooter flaw in Android devices. The vulnerability could allow cyber criminals to gain "root" access, which would give them absolute control over the device. As Android is the most popular mobile operating system, the number of Android devices in use is the highest of any platform and runs into millions.
The QuadRooter flaw was discovered specifically in Qualcomm chipsets used in devices running the Android operating system. Following the discovery, Qualcomm quickly issued fixes that plugged the vulnerabilities in order to prevent possible Android malware infection. QuadRooter consisted of four interconnected vulnerabilities that allowed root access to the device. Android devices using other chipsets, such as MediaTek, were not affected by this vulnerability.
Reputed information security companies released apps on the Google Play Store that allow users of Android mobile devices with Qualcomm chips to check whether the QuadRooter vulnerabilities still exist after the patch update has been applied. These were genuine apps. However, using the QuadRooter vulnerability as a threat, cyber criminals have sprung into action and released a number of apps on the Google Play Store that promise to fix the QuadRooter vulnerabilities.
Obviously, these apps do not fix the QuadRooter vulnerabilities. The basic flaws have been fixed by Qualcomm, and whether any vulnerabilities exist beyond that fix is not yet known, or rather, not yet detected.
Some time back, an app called Fix Patch QuadRooter popped up on the Google Play Store. This is a malicious app that promises to fix the QuadRooter flaw but does not do any fixing. It may infect the device in other ways and steal data, and the extent of its malicious intent is not yet known. After it was detected, it was removed from the official Google Play Store. Further searches in the Google Play Store revealed many more such malicious apps. Cyber criminals seem to be exploiting the buzz created by the QuadRooter flaw and have released many malicious apps. Some of these malicious apps have also been found on unofficial app stores such as BingAPK and AppBrain.
Time and again, malicious apps have found their way into the Google Play Store despite its security policies and vetting process. If that is the case for a genuine, reputed app store, the number of malicious apps that get into third-party app stores is countless.
To stay protected from malicious apps affecting the mobile operating system:
- Install a reputed antivirus/endpoint security solution.
- Control mobile devices connected to the enterprise network with a mobile device management solution.
- Establish BYOD policies.
- Control patches with a patch management system.
- Try to download apps only from genuine app stores like the Google Play Store and Apple's App Store.